Esempio n. 1
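        /// <summary>
        /// Looks up the user row whose login name and password hash match the supplied credentials.
        /// </summary>
        /// <param name="userName">Login name to look up.</param>
        /// <param name="pass">Plain-text password; it is passed through <c>DBService.SHA1Hash</c> before the lookup.</param>
        /// <returns>
        /// The matching <c>St_user</c> row, or <c>null</c> when either argument is null/empty
        /// or no row with <c>Status</c> below 5 and a positive <c>Id</c> matches.
        /// </returns>
        public static St_user CheckUser(string userName, string pass)
        {
            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(pass))
            {
                return null;
            }

            using (var db = DBService.OpenDb())
            {
                // NOTE(review): the helper name suggests passwords are stored as plain SHA-1 digests.
                // A fast hash with no visible per-user salt is not suitable for password storage;
                // plan a migration to a slow, salted KDF (e.g. PBKDF2) - confirm against DBService.
                // NOTE(review): confirm that this overload binds {0}/{1} as query parameters rather
                // than formatting the values into the SQL text.
                var user = db.SingleOrDefault<St_user>("LoginName={0} AND LoginPass={1} AND Status<5", userName, DBService.SHA1Hash(pass));

                // The previous version also built a claims list here that was never used or returned;
                // constructing it threw ArgumentNullException for a user whose Name is null,
                // so a valid login could fail. Only the row itself is needed.
                return user != null && user.Id > 0 ? user : null;
            }
        }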
Esempio n. 2
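        /// <summary>
        /// Verifies the credentials and, if they match and no recent login token is outstanding,
        /// stores a fresh login token for the user and returns a claims identity describing them.
        /// </summary>
        /// <param name="userName">Login name to look up.</param>
        /// <param name="pass">Plain-text password; it is passed through <c>DBService.SHA1Hash</c> before the lookup.</param>
        /// <param name="fromadmin">
        /// <c>true</c> when the login comes from the admin side: role claims other than "0" are only
        /// issued in that case, and the re-login window is 5 minutes instead of 2.
        /// </param>
        /// <returns>
        /// A <see cref="ClaimsIdentity"/> with authentication type "MyClaimsLogin", or <c>null</c> when
        /// an argument is null/empty, no user matches, or a token was issued within the re-login window.
        /// </returns>
        public static ClaimsIdentity CheckIdentity(string userName, string pass, bool fromadmin)
        {
            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(pass))
            {
                return null;
            }

            using (var db = DBService.OpenDb())
            {
                // NOTE(review): the helper name suggests passwords are stored as plain SHA-1 digests.
                // A fast hash with no visible per-user salt is not suitable for password storage;
                // plan a migration to a slow, salted KDF (e.g. PBKDF2) - confirm against DBService.
                // NOTE(review): confirm that this overload binds {0}/{1} as query parameters rather
                // than formatting the values into the SQL text.
                var user = db.SingleOrDefault<St_user>("LoginName={0} AND LoginPass={1} AND Status<5", userName, DBService.SHA1Hash(pass));
                if (user == null || user.Id <= 0)
                {
                    return null;
                }

                // Administrators may not log in again within 5 minutes of the last login; members within 2 minutes.
                // NOTE(review): this check only runs after the credentials matched, so it does not
                // throttle wrong-password attempts; failed-attempt limiting has to live elsewhere.
                // NOTE(review): the read of LastTime and the Update below are separate statements, so two
                // concurrent logins can presumably both pass the check - confirm whether that matters.
                var minutes = fromadmin ? 5 : 2;
                var mayIssueToken = !user.LastTime.HasValue
                    || string.IsNullOrEmpty(user.LoginToken)
                    || user.LastTime.Value < DateTime.Now.AddMinutes(-minutes);
                if (!mayIssueToken)
                {
                    return null;
                }

                // Role claim: 0 = no admin role (always the case for non-admin logins),
                // -1 = RoleId -1 on the account named "admin", 1 = any other non-zero RoleId.
                int rid = 0;
                if (fromadmin && user.RoleId.HasValue && user.RoleId.Value != 0)
                {
                    // Ordinal comparison: a login name is an identifier, and culture-sensitive
                    // comparison can treat strings that differ only in ignorable characters as
                    // equal, which must never decide who gets the -1 role.
                    rid = user.RoleId.Value == -1 && user.LoginName.Equals("admin", StringComparison.OrdinalIgnoreCase) ? -1 : 1;
                }

                var claims = new List<Claim>
                {
                    new Claim(ClaimTypes.Name, userName),
                    new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
                    new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity"),
                    new Claim(ClaimTypes.Role, rid.ToString()),
                    new Claim("Sex", user.Sex.HasValue && user.Sex.Value ? "1" : "0"),
                    new Claim("DisplayName", user.Name ?? user.LoginName),
                };

                // NOTE(review): Guid.NewGuid() is an identifier generator and is not documented as a
                // source of unpredictable secrets. If LoginToken is later used to authenticate a
                // session, generate it with RandomNumberGenerator instead (check the column width first).
                // NOTE(review): DateTime.Now is local time, so a clock or DST shift changes the
                // effective window; switching to UTC requires migrating the stored LastTime values.
                var token = Guid.NewGuid().ToString();
                db.Update<St_user>(new { LoginToken = token, LastTime = DateTime.Now }, us => us.Id == user.Id);
                claims.Add(new Claim("Token", token));

                return new ClaimsIdentity(claims, "MyClaimsLogin");
            }
        }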